5afd1b9968a1c0b5224342ecd79090d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5afd1b9968a1c0b5224342ecd79090d3
Size

432KB
MD5

5afd1b9968a1c0b5224342ecd79090d3
SHA1

147ae563eb0d1aef2c6c758f9f087b0144b4cfd1
SHA256

e85015a887a8787ae0ebeac40c58b4735052cabbfb8877f83334b33510b8c14a
SHA512

fa473767afdc24a11be32d2c8bfc231a8d542d4e9cb36f47b8ad58c88128525cc64bc780a805b8fbf1dd0b09d703a61bc04e4fc64b990dca027772989a73e657
SSDEEP

6144:28DmEtPe5QUCVCSYYixxn4UcD0o78DmEtPe5QUC:2smEBe5pCVIYcN4UcD0gsmEBe5pC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5afd1b9968a1c0b5224342ecd79090d3

Files

5afd1b9968a1c0b5224342ecd79090d3
.exe windows:4 windows x86 arch:x86

8c470bbc47e2409affdd7e0a2fe8511b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord595
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord717
ProcCallEngine
ord645
ord570
ord648
ord100
ord616

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ